Author Topic: Malicious URL Blocked  (Read 5629 times)

0 Members and 1 Guest are viewing this topic.

devilxsky

  • Guest
Malicious URL Blocked
« on: April 18, 2013, 03:55:24 PM »
Hi. I a, facing a malicious URL blocked and the notification keep pop-up every minutes. I followed the instruction on the Logs to assist in cleaning malware. This is the log for AdwCleaner and also Malwarebytes-Anti Malware. Do i need do scan for the OLT and aswMBR too ? thanks

devilxsky

  • Guest
Re: Malicious URL Blocked
« Reply #1 on: April 18, 2013, 03:59:29 PM »
This is MBAM log

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37614
  • Not a avast user
Re: Malicious URL Blocked
« Reply #2 on: April 18, 2013, 04:00:33 PM »
yepp... also OTL.   that is the most important one .... and aswMBR


devilxsky

  • Guest
Re: Malicious URL Blocked
« Reply #3 on: April 18, 2013, 06:50:06 PM »
These are the 2 remaining logs

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Malicious URL Blocked
« Reply #4 on: April 18, 2013, 06:53:04 PM »
Monitoring

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Malicious URL Blocked
« Reply #5 on: April 18, 2013, 06:59:55 PM »
Hi,
I need to know do you use multiboot ( Windows 8  |  Linux ) for example or something simular with MBR?


Will you please re-run Malwarebytes AntiMalware, click on QuickScan, check all boxex to remove all items ...reboot and attach here fresh MBAM.txt logreport.




****************




Please download zoek.exe and save it to your desktop.

  • Close any open browsers.
  •   Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.



  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...


  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:
Code: [Select]

standardsearch;
emptyclsid;

  • Click on Run script button
    Please wait until a logreport will open (this can be after reboot)

  • Save notepad to your Desktop and attach here zoek-results.log

    Note: It will also create a log in the C:\ directory named "zoek-results.log"



devilxsky

  • Guest
Re: Malicious URL Blocked
« Reply #6 on: April 19, 2013, 03:12:51 PM »
Hi. sorry for the late reply. i'm using Window 8

devilxsky

  • Guest
Re: Malicious URL Blocked
« Reply #7 on: April 19, 2013, 03:22:53 PM »
Hi. this is the zoek result

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Malicious URL Blocked
« Reply #8 on: April 19, 2013, 05:25:53 PM »
Hi,

Re-run zoek.exe as you did before but you will use this script:

Code: [Select]
C:\Users\User\LOCALS~1\Temp\ccvmbvzwu.cmd;f
C:\users\User\AppData\Roaming\coreavc.ini;f
C:\$Recycle.Bin\S-1-5-21-990727462-271670191-2699835602-1002\$IK21NGF.exe;f
C:\$Recycle.Bin\S-1-5-21-990727462-271670191-2699835602-1002\$RK21NGF.exe;f
C:\Users\User\funshion\funshiontools\FSPAP.exe;i
C:\Program Files (x86)\alaplaya;M6
C:\Program Files (x86)\plaync;M6
C:\Program Files (x86)\Baidu;M6
C:\ProgramData\Baidu;M6
C:\Program Files (x86)\TTPlayer;M6
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya;M6
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\plaync;M6
emptyrecycle.bin;
emptyalltemp;
autoclean;
ccvmbvzwu;z


Click on RunScript. Attach here fresh zoek.exe logreport.


note: zoek will reboot your PC and when windows load again, it pop-up fresh zoek.exe log.
If zoek fresh log doesn't pop-ups, then just re-run zoek ( double clicking, dont't use script again) manual and zoek will automatic generate new zoek log.

devilxsky

  • Guest
Re: Malicious URL Blocked
« Reply #9 on: April 20, 2013, 11:40:10 AM »
Hi. thanks.. hers is the new zeok log

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Malicious URL Blocked
« Reply #10 on: April 20, 2013, 12:28:57 PM »
Step#1

Download TDSSKiller  and save it to your desktop

    Execute TDSSKiller.exe by doubleclicking on it.

  •     Press Start Scan

     
  •   If Suspicious object is detected, the default action will be Skip, click on Continue.
     
  •   If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


***************************


Step#2


Re-run zoek.exe as you did before but use this script:

Code: [Select]
C:\Users\Public\Desktop\sample_ÖÜÁù0420_1730.zip;f
C:\Users\User\AppData\Local\Temp\ccvmbvzwu.cmd;f
C:\Windows\Prefetch\CCVMBVZWU.CMD-38904C33.pf;f
emptyrecycle.bin;
emptyalltemp;
autoclean;

Click on RunScript. Attach here fresh zoek log


***************************




Step#3


Again, re-run zoek.exe and use this script:

Code: [Select]
systemspecs;
installedprogs;
startupall;
filesrcm;
skipfix-iedefaults;
firefoxlook;
chromelook;


Click on RunScript button. Attach here fresh zoek log



> How's your computer running now?